cancel
Showing results for 
Search instead for 
Did you mean: 

Execution order of policy

小白
Cirrus
Cirrus
Hi,I know that for a program, there must be a sequence of execution, so what is the sequence of ASM policy?I want to know the order of various protection strategies in a policy. For example, compared with SQL injection and XPath injection, who takes effect first, and what is the order of other protection strategies?

Snipaste_2022-02-24_10-06-50.png

2 REPLIES 2

AlexBCT
MVP
MVP

Hi, Is there a particular function you would like to know this for? It may help get you to the answer. 

Do keep in mind though that the WAF system works on an "all-match" strategy (all components that are active and get matched will be reported), rather than a "first-match" strategy (like a firewall policy). 

Obviously, when the blacklist and injection exist at the same time, the blacklist must take effect first, isn't it? Then I believe there is a sequence for the same strategy